The portspoof program is designed to enhance OS security through emulation of legitimate service signatures on otherwise closed ports. It is meant to be a lightweight, fast, portable and secure addition to any firewall system or security infrastructure.
The general goal of the program is to make the port scanning process (Nmap/Unicornscan/etc.) slow and its output very difficult to interpret, thus making the attack reconnaissance phase a challenging and bothersome task.
Here is an example nmap scan result against a system running portspoof:
- default scan took about 800s (instead of 20s)
- CPU usage was at 0.5%
- memory usage was at 0.5%
- one legitimate service is running on a port in the range 1-65535; all the rest are fake
- portspoof will bind only to one port
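An added sketch (not portspoof's own code) of the idea described above: a single bound listener answers every connection with a plausible service banner, so a version scan has to probe and interpret every port. The banner list, the hash-based selection and the assumption that a firewall REDIRECT rule steers closed ports to the listener are this example's assumptions.

```python
import hashlib
import socket
import struct
import threading

# Constructed sample banners (assumption): not portspoof's signature set.
SIGNATURES = [
    b"SSH-2.0-OpenSSH_7.4\r\n",
    b"220 mail.example.test ESMTP ready\r\n",
    b"+OK POP3 server ready\r\n",
    b"* OK IMAP4rev1 service ready\r\n",
]
SO_ORIGINAL_DST = 80  # Linux netfilter option: destination before REDIRECT

def signature_for(port):
    """Pick a banner deterministically so repeated scans see the same 'service'."""
    digest = hashlib.sha256(str(port).encode()).digest()
    return SIGNATURES[digest[0] % len(SIGNATURES)]

def original_port(conn):
    """Port the client dialled; falls back to the local port when no NAT info exists."""
    try:
        raw = conn.getsockopt(socket.SOL_IP, SO_ORIGINAL_DST, 16)
        return struct.unpack("!2xH12x", raw)[0]  # sockaddr_in.sin_port
    except (OSError, AttributeError, struct.error):
        return conn.getsockname()[1]

def serve(listener, max_conns=None):
    """Answer every connection on the one bound socket with a spoofed banner."""
    handled = 0
    while max_conns is None or handled < max_conns:
        conn, _ = listener.accept()
        with conn:
            conn.sendall(signature_for(original_port(conn)))
        handled += 1

def demo():
    """Bind one loopback port, connect once, return (port, banner received)."""
    listener = socket.create_server(("127.0.0.1", 0))
    port = listener.getsockname()[1]
    worker = threading.Thread(target=serve, args=(listener, 1), daemon=True)
    worker.start()
    chunks = []
    with socket.create_connection(("127.0.0.1", port), timeout=5) as client:
        while (data := client.recv(256)):
            chunks.append(data)
    worker.join(5)
    listener.close()
    return port, b"".join(chunks)
```

Calling `demo()` runs one loopback exchange; on a real host the listener would only see other ports' traffic if a redirect rule delivers it.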
Check portspoof in action (live demo; will sometimes hang due to the development process):
nmap -sV 54.247.124.68
Portspoof is still an early work in progress and, although stable and working, it will require a lot of additional work (preferably along with a good beverage :)).